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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 



- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 25 June 2007 . 
2a)KI This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 7-33 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) KI Claim(s) 1-33 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)\J None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Response to Amendment 



1 . This is in response to the request for re-consideration filed 06/25/2007. 

2. Applicant's arguments with respect to claiml-33 have been considered but they are not 
persuasive. 



Quotations of U.S. Code Title 35 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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5. The claims and only the claims form the metes and bounds of the invention. "Office 
personnel are to give claims their broadest reasonable interpretation in light of the supporting 
disclosure. In re Morris, 127 F.3d 1048, 1054-55, 44 USPQ2d 1023, 1027-28 (Fed. Cir 1997). 
Limitations appearing in the specification but not recited in the claim are not read into the claim. 
In re Prater, 415 F.2d 1393, 1404-05, 162 USPQ541, 550-551 (CCPA 1969)" (MPEP p2100-8, c 
2, I 45-48; p 2100-9, c 1, I 1-4). The Examiner has full latitude to interpret each claim in the 
broadest reasonable sense. The Examiner will reference prior art using terminology familiar to 
one of ordinary skill in the art. Such an approach is broad in concept and can be either explicit or 
implicit in meaning. 

Claim Rejections - 35 USC § 102 

6. Claims 1, 5-7, 9, 10, 20, 23-25, and 27-29 are rejected under 35 U.S.C. 102(e) as being 
anticipated by U.S. Patent No. 6,421,571 ("Spriggs"). 

Regarding claim 1 

Spriggs teaches "an automation security system, comprising: an asset component that defines an 
industrial automation device" (see C 3 L 20-24 "asset management system for protecting and 
managing industrial plant assets"); "an access component that defines a security attribute 
associated with the industrial automation device" (see C 14 L 20-39 and C 27 L 64 to C 28 L 1- 
2 "settings security based on each user associates with different instrumentations of the industrial 
plant"); "and a security component that regulates access to the industrial automation device 
based upon the security attribute" (see C 28 L 2-4 "a security manager module 222 regulates 
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access to the control and configuration of devices such as a portable system or an on-line system 
based upon security attribute of each user"). 

It should be noted that since claimed limitations are broad enough, the security manager 
module 222 ofSpriggs is sufficient to cover the security component as claimed. 
Regarding claim 20 

Spriggs teaches "an automation security system, comprising: a server that manages a network 
interface between networked industrial automation devices and other devices attempting access 
to the networked industrial automation devices'' (see C 3 L 20-24 and L 31-57 "asset 
management system for protecting and managing industrial plant assets on a network"); "a 
security management module associated with the network interface that enforces an enterprise 
wide policy and that manages security threats directed to the networked industrial automation 
devices" (see C 14 L 20-39 and C 27 L 64 to C 28 L 1-4 "a security manager module 222 
enforces security settings for system 10. The security settings are based on each user to access 
different instrumentations of the industrial plant such as a portable system or an on-line 
system"). 

It should be noted that since claimed limitations are broad enough the security manager 
module 222 ofSpriggs is sufficient to cover the security component as claimed. 
Regarding claim 24 

Spriggs teaches "an automation security methodology, comprising: electronically analyzing an 
industrial automation device" (see C 3 L 20-24 and L 31-57 "asset management system for 
protecting and managing industrial plant assets on a network"); "programmatically modeling the 
industrial automation device in accordance with network security considerations" (see C 6 L 55- 
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61); "and automatically developing a security framework for an automation system based in part 
on the modeling of the industrial automation device and a network access type" (see C 14 L 20- 
39 and C 27 L 64 to C 28 L 1-4 "a security manager module 222 enforces security settings for 
system 10. The security settings are based on each user to access different instrumentations of 
the industrial plant such as a portable system or an on-line system"). 

It should be noted that since claimed limitations are broad enough, the security manager 
module 222 of Spriggs is sufficient to cover the security component as claimed. 
Regarding claim 28 

Spriggs teaches "an automated security system for an automation control environment, 
comprising: means for defining one or more security attributes associated with at least one 
network request" (see C 3 L 20-24 and L 31-57 "asset management system for protecting and 
managing industrial plant assets on a network"); "means for processing the one or more security 
attributes" (see C 14 L 20-39 and C 27 L 64 to C 28 L 2 "settings security based on each user for 
accessing different instrumentations of the industrial plant"); "means for automatically 
determining which network devices require security resources" (see C 17 L 11-18); "means for 
controlling access to at least one of a network device and an industrial automation component 
based in part on the one or more security attributes" (see C 28 L 2-4 "a security manager 
module 222 regulates access to the control and configuration of devices such as a portable 
system or an on-line system based upon security attribute of each user"). 

It should be noted that since claimed limitations are broad enough, the security manager 
module 222 of Spriggs is sufficient to cover the security component as claimed. 
Regarding claim 29 
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Spriggs teaches "a security schema for a factory automation system, comprising: a first data 
field that describes industrial automation devices'' (see C 3 L 20-24 and L 31-57 "asset 
management system for protecting and managing industrial plant assets on a network"); "a 
second data field that describes security parameters for the industrial automation devices" (see 
C 14 L 20-39 and C 27 L 66 to C 28 L 1-2 "settings security based on each user for accessing 
different instrumentations of the industrial plant"); "and a schema that associates the first and 
second data fields, the schema employed to limit access to the industrial automation devices 
based upon the security parameters" (see C 28 L 2-4 "a security manager module 222 regulates 
access to the control and configuration of devices such as a portable system or an on-line system 
based upon security attribute of each user"). 

It should be noted that since claimed limitations are broad enough, the security manager 
module 222 of Spriggs is sufficient to cover the security component as claimed 

Regarding claim 5 

Spriggs teaches the asset component describes at least one of factory components and groupings, 
the factory components are at least one of sensors, actuators, controllers, I/O modules, 
communications modules, and human-machine interface (HMI) devices (see C 3 L 45-52 and C 
7 L 2-5). 

Regarding claim 6 

Spriggs teaches the groupings include factory components that are grouped into at least one of 
machines, machines grouped into lines, and lines grouped into facilities (see C 3 L 53-57). 
Regarding claim 7 
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Spriggs teaches the groupings have associated severity attributes such as at least one of risk and 
security incident cost (see C 4 L 31-37). 
Regarding claim 9 

Spriggs teaches a set of generic IT components and specifies parameters to assemble and 
configure the IT components to achieve flexible access to the industrial automation device (see C 
6 L 55-61). 
Regarding claim 10 

Spriggs teaches the IT components include at least one of switches with virtual local area 
network (VLAN) capability, routers with access list capability, firewalls, virtual private network 
(VPN) termination devices, intrusion detection systems, AAA servers, configuration tools, and 
monitoring tools (see C 7 L 26-44). 
Regarding claim 23 

Spriggs teaches at least one of: an authentication with the one or more servers to establish a 
secure link; a secure link to authenticate and authorize access to a requestor of the networked 
industrial automation device; and establishment of a secure session with the requestor if access is 
authorized (see C 3 L 45-52 and C 7 L 2-5). 
Regarding claim 25 

Spriggs teaches analyzing one or more security attributes to determine whether access should be 
granted to the one or more industrial automation assets (see C 3 L 20-25). 
Regarding claim 27 

Spriggs teaches at least one of: determining whether to grant access to the one or more 
automation assets; granting access from the industrial automation device; and granting access 
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from the industrial automation device; and granting access from a network device associated 
with the industrial automation device (see C 27 L 65 to C 28 L 6). 

7. Claims 2-4, 1 1-19, 21, 22, 26 5 and 30-33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Spriggs in view of U.S. Patent Application Publication No. 2004/0034774 
("Le Saint"). 

Regarding claims 2-4, 26 and 30 

Spriggs does not specifically discuss the one or more or more security attributes including at 
least one of a role attribute, a time attribute, a location attribute, and an access type attribute; the 
security component is based on at least one of a formal threat analysis, a vulnerability analysis, a 
factory topology mapping and an attack tree analysis; the security component is based on at least 
one of automation and process control security, cryptography, and 
Authentication/ Authorization/ Accounting (AAA). 

However, Le Saint teaches the one or more or more security attributes including at least 
one of a role attribute, a time attribute, a location attribute, and an access type attribute (see 
paragraphs 6 and 10); the security component is based on at least one of a formal threat analysis, 
a vulnerability analysis, a factory topology mapping and an attack tree analysis (see paragraph 
48); the security component is based on at least one of automation and process control security, 
cryptography, and Authentication/Authorization/Accounting (AAA) (see paragraph 13). 

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to incorporate the security attributes and security component of Le Saint with the 
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system of Spriggs because it would provide for the purpose of enforcing control aspect stated in 
the attributes including security policies and delegated privilege state. 
Regarding claims 11-22 and 31-33 

Spriggs does not specifically disclose security parameters and policies that are developed for 
physical and electronic security for various component types; at least one of security protection 
levels, identification entry capabilities, integrity algorithms, and privacy algorithms; the security 
component includes at least one of authentication software, virus detection, intrusion detection, 
authorization software, attack detection, protocol checker, and encryption software; at least one 
of acts as an intermediary between an access system and one or more automation components, 
and facilitates communications between the access system and the one or more automation 
components; the security attributes are specified as part of a network request to gain access to the 
one or more factory assets, the security attributes included in at least one of a group, set, subset, 
and class; the security component employs at least one authentication procedure and an 
authorization procedure to process the network request; one or more security protocols including 
at least one of Internet Protocol Security (IPSec), Kerberos, Diffie-Hellman exchange, Internet 
Key Exchange (IKE), digital certificate, pre-shared key, and encrypted password, to process the 
network request; at least one of an access key and a security switch to control network access to 
a device or network; the access key further comprises at least one of time, location, batch, 
process, program, calendar, GPS (Global Positioning Information) to specify local and wireless 
network locations, to control access to the device or network; the security management module 
at least one of schedules audits, establishes a security policy, applies the policy from a single or 
distributed console, and generates reports that identify potential weaknesses in security; the 
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security management module provides an interface to at least one of add 5 delete and modify 
security rights of an individual, a group, or a device and distribute security information to 
various controllers and control devices; a response schema to provide status to a requesting 
network device; the response schema including at least one of a status field, a time field, an 
access type field, an access location field, and a key field, an attachment field to indicate other 
security data follows the response schema. 

However, Le Saint teaches security parameters and policies that are developed for 
physical and electronic security for various component types (see paragraph 50); at least one of 
security protection levels, identification entry capabilities, integrity algorithms, and privacy 
algorithms (see paragraph 50); the security component includes at least one of authentication 
software, virus detection, intrusion detection, authorization software, attack detection, protocol 
checker, and encryption software (see paragraph 52); at least one of the industrial automation 
devices acts as an intermediary between an access system and one or more automation 
components, and facilitates communications between the access system and the one or more 
automation components (see paragraph 52); the security attributes are specified as part of a 
network request to gain access to the one or more factory assets, the security attributes included 
in at least one of a group, set, subset, and class; the security component employs at least one 
authentication procedure and an authorization procedure to process the network request (see 
paragraph 57); one or more security protocols including at least one of Internet Protocol Security 
(IPSec), Kerberos, Diffie-Hellman exchange, Internet Key Exchange (IKE), digital certificate, 
pre-shared key, and encrypted password, to process the network request (see paragraph 54); 
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at least one of an access key and a security switch to control network access to a device or 
network; the access key further comprises at least one of time, location, batch, process, program, 
calendar, GPS (Global Positioning Information) to specify local and wireless network locations, 
to control access to the device or network (see paragraph 57); the security management module 
at least one of schedules audits, establishes a security policy, applies the policy from a single or 
distributed console, and generates reports that identify potential weaknesses in security; the 
security management module provides an interface to at least one of add, delete and modify 
security rights of an individual, a group, or a device and distribute security information to 
various controllers and control devices (see paragraph 60); a response schema to provide status 
to a requesting network device; the response schema including at least one of a status field, a 
time field, an access type field, an access location field, and a key field, an attachment field to 
indicate other security data follows the response schema (see paragraph 63). 

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the 
invention to incorporate the security system of Le Saint with the system of Spriggs because it 
would provide for the purpose of enforcing control aspect stated in the attributes including 
security policies and delegated privilege state. 

8. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent No. 
6,421,571 ("Spriggs"). 
Regarding claim 8 

Spriggs do not specifically teach an ISA S95 Model for Enterprise to Control System integration 
to integrate security aspects across or within respective groupings. "Official Notice" is taken that 
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both the concept and advantages of providing an ISA S95 Model for Enterprise to Control 
System integration to integrate security aspects across or within respective groupings is well 
known and expected in the art. U.S. Patent Application Publication No. 2003/0014500 to 
Schleiss et al. discloses a preferred flow of communication between various process control and 
information technology systems are typically found within an enterprise defined by an ISA S95 
model international standard (see paragraphs 7 and 8). It would have been obvious to one of 
ordinary skill in the art to include the ISA S95 model for Enterprise to Control system to Spriggs 
because it would provide for interacting between production or process control systems, 
enterprise resource planning systems and manufacturing execution systems to facilitate the 
integration of these systems. 

Response to Arguments 

In the remarks, applicant's argues that cited reference fails to teach: 

I) "defining a security attribute associated with the industrial automation device, and a 
security component that regulates access to the industrial automation device based upon the 
security attribute" as to claims 1, 28 and 29. 

II) "enforcing an enterprise wide policy and managing security threats directed to the 
networked industrial automation devices" as to claim 20. 

III) "automatically developing a security framework for an automation system" as to claim 
24. 



In response to the remarks, 



Application/Control Number: 1 0/66 1 ,239 Page 1 3 

Art Unit: 2121 

I) Prior art Spriggs et al. (USPN 6,421 ,571) teaches a security manager module 222 is 
setting security attribute for each of the user, where the setting is used to regulate user access a 
particular device for controlling and configuring the device. For example, some user can gain 
access to control and configure a portable system but not for an on-line system of the industrial 
plant as described in column 14 lines 20-29, column 27 line 64 to column 28 line 4. 

Applicant argues that with the system of Spriggs et al., one could still access the device 
outside of the system. However, it should be noted that since claimed invention are broad enough 
that the security manager module 222 of Spriggs is sufficient to cover the security component of 
the limitations as claimed. 

II) The security manager module 222 of Spriggs enforces security settings for the entire 
system 10. The security manager module 222 regulates access to different instrumentations of 
the industrial plant based on security setting of each individual user in association with the 
different instrumentations or devices as described in column 14 lines 20-39 and column 27 line 
64 to column 28 line 4. 

III) Similar to II) above, the security manager module 222 of Spriggs enforces security 
settings for the entire system 10 within it security frame work created for each of the user in 
association with the different instrumentations or devices. The security manager module 222 
regulates access to different instrumentations of the industrial plant based on security setting of 
each individual user as described in column 14 lines 20-39 and column 27 line 64 to column 28 
line 4. 
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Conclusion 



9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 1 36(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to examiner Thomas Pham; whose telephone number is (571) 272- 
3689, Monday - Friday from 7:30 AM - 4:00 PM EST or contact Supervisor Mr. Anthony Knight 
at (571) 272-3687. 

Any response to this office action should be mailed to: Commissioner for Patents, P.O. 
Box 1450, Alexandria VA 22313-1450. Responses may also be faxed to the official fax 
number (571) 273-8300. 

Thomas Pham 

Primary Examiner 




August 31, 2007 



